How can a verification code be restricted so that it can be used only once? Assuming there is an activity, we have implemented that each account can only participate once.
If a person obtains a verification code and submits the same verification code, he or she switches to another account to participate in the activity.
Can this approach be implemented? If so, how can we avoid it? The verification code is encrypted and bound to the account. Do you verify the verification code when submitting the verification code?
Reply to discussion (solution)
Verification codes are generated dynamically and verified in real time.
There is no such phenomenon.
Different accounts are allowed to participate in the activity.
The verification code is just a little effort for users.
I'm curious. I cannot change my account. How do you determine the qualification?
Changing the account session is different, because the original session is destroyed at exit.
Different sessions make different verification codes.
Well, I may not have expressed it well. What I mean is this: different accounts can participate. Account A obtains the verification code through the interface and it is saved in the SESSION. Then, after account A passes the verification, the user switches to account B. If a new verification code is not obtained at this point, can the original verification code be submitted directly for verification? (Assuming a program written by a malicious user.)
Should the SESSION be destroyed immediately after the verification is successful to prevent it?
You still have a channel. How can I change account A to account B? Either exit, close the browser, or change the browser.
A session only corresponds to one login of one account. Is the session destroyed upon exit?? I won't say I didn't do this before, right?
The client can only get the cookie, but cannot change the value in the session. Just do not store the content of the session in the cookie.
Is your verification code fixed?
My logon is not a SESSION and only uses COOKIES!
Assume that I am using a SESSION. The SESSION saved in my verification code is related to the SESSION saved by the user login?
Dizzy ...... Speechless
You can do this. Add a verification code field to the database to set a unique attribute. If A logs on to the database, the verification code is saved to the verification code of account A. If this is not the case, it can be bound.
I do not know your specific implementation. We recommend that you destroy the current value immediately after the user enters the verification code.
The verification code can be longer, such as 5-6 digits, to reduce the duplication caused by the mechanism.
Hope to help you !!!
In this case, provide an idea.
Write the used verification code to the data table. Each time the user submits the verification code, the database is queried. One field is used to determine whether the verification code is used. This prevents repeated verification codes, similar to the invitation code.
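The suggestions in the replies above (bind the code to the account, destroy the stored value as soon as it is checked), shown as an added example that is not part of the original thread. It assumes a server-side store keyed by session id; `CodeStore`, the session ids and the account names are hypothetical.

```python
import hmac
import secrets


class CodeStore:
    """Server-side store of pending codes, keyed by session id (assumed design)."""

    def __init__(self):
        self._pending = {}  # session_id -> (account_id, code)

    def issue(self, session_id, account_id):
        # 6-digit code from a CSPRNG; replaces any earlier pending code.
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[session_id] = (account_id, code)
        return code

    def verify(self, session_id, account_id, submitted):
        # pop() destroys the stored value before it is compared, so a code is
        # consumed by its first check whether that check passes or fails.
        entry = self._pending.pop(session_id, None)
        if entry is None:
            return False  # never issued, or already used
        bound_account, code = entry
        if bound_account != account_id:
            return False  # issued to a different account
        return hmac.compare_digest(code.encode(), str(submitted).encode())


def demo():
    # Constructed session and account names, for illustration only.
    store = CodeStore()
    code = store.issue("sess-1", "account-A")
    first = store.verify("sess-1", "account-A", code)    # legitimate use
    replay = store.verify("sess-1", "account-B", code)   # same code after switching
    code2 = store.issue("sess-1", "account-A")
    cross = store.verify("sess-1", "account-B", code2)   # fresh code, wrong account
    burned = store.verify("sess-1", "account-A", code2)  # consumed by the failed check
    return first, replay, cross, burned


if __name__ == "__main__":
    print(demo())
```

With a database instead of an in-memory dict, the same effect needs the lookup and the "mark as used" update to happen in one atomic statement or transaction, so two simultaneous submissions cannot both pass.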